summaryrefslogtreecommitdiff
path: root/docs/configuration/interfaces/ethernet.rst
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-12-23 14:16:37 +0100
committerChristian Poessinger <christian@poessinger.com>2020-12-23 14:16:44 +0100
commit6cdae273512a3e78cef93c1227274fcf4733add0 (patch)
tree67ea97d60ed3f655eb4ba51c78445781035cc25c /docs/configuration/interfaces/ethernet.rst
parent7c1f38781ad05e18bda5649c07226784e645ec33 (diff)
downloadvyos-documentation-6cdae273512a3e78cef93c1227274fcf4733add0.tar.gz
vyos-documentation-6cdae273512a3e78cef93c1227274fcf4733add0.zip
ethernet: xdp: adjust CLI node
Diffstat (limited to 'docs/configuration/interfaces/ethernet.rst')
-rw-r--r--docs/configuration/interfaces/ethernet.rst21
1 files changed, 16 insertions, 5 deletions
diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst
index 25eebf25..8c6bcc07 100644
--- a/docs/configuration/interfaces/ethernet.rst
+++ b/docs/configuration/interfaces/ethernet.rst
@@ -92,13 +92,24 @@ Offloading
the IPv4 ID is not sequentially incrementing it will be altered so that it is
when a frame assembled via GRO is segmented via GSO.
- .. warning:: Recent 1.3 rolling images also support XDP offloading which
- stands for eXpress Data Path in the Linux Kernel. You must enable it for
- every interface which should participate in the XDP forwarding.
+.. cfgcmd:: set interfaces ethernet <interface> xdp
- Enabling this feature will break any form of NAT or Firewalling on this
- interface, as XDP is handled way earlier in the driver then NfTables.
+ Enable support for Linux :abbr:`XDP (eXpress Data Path)` on recent 1.3 rolling
+ releases. You must enable it for every interface which should participate in
+ the XDP forwarding.
+ XDP is an eBPF based high performance data path merged in the Linux kernel
+ since version 4.8. The idea behind XDP is to add an early hook in the RX path
+ of the kernel, and let a user supplied eBPF program decide the fate of the
+ packet. The hook is placed in the NIC driver just after the interrupt
+ processing, and before any memory allocation needed by the network stack
+ itself, because memory allocation can be an expensive operation.
+
+ .. warning:: This is highly experimental!
+
+ .. note:: Enabling this feature will break any form of NAT or Firewalling on
+ this interface, as XDP is handled way earlier in the driver then iptables/
+ nftables.
VLAN
====